How to use Secedit
Hi guys,
Any one of please tell me how to use secedit and cacls.exe.
Thanks
Anitha
Any one of please tell me how to use secedit and cacls.exe.
Thanks
Anitha
0 Comments
[ + ] Show comments
Answers (4)
Please log in to answer
Posted by:
nvdpraveen
18 years ago
Posted by:
rpfenninger
18 years ago
The place to start to work with secedit is mmc.
1)
Start your mmc and load the two security snap-ins.
Create a new template.
Define your needed rights within that template and save it. (Default path is windows\security\templates). The file will be saved as .inf.
2)
Now convert your .inf into a .sdb file.
Right click the 'security configuration an analyse' snap-in and choose 'open database'.
Define a name and click open.
Then choose the appropriate .inf file and important: activate that little 'clean up' check box.
Your .sdb file is being saved in Documents and Settings\username\My Documents\Security\Database
3)
If you like to test your .sdb file now, right click the 'security configuration and analyse' snap-in once again and choose 'configure now'.
4)
To apply this newly created .sdb file to different machines, include it within an MSI:
Create a Custom Action which does the following:
[SystemFolder]secedit /configure /db yourfile /quiet
Hope that helps
Good luck
Roland
1)
Start your mmc and load the two security snap-ins.
Create a new template.
Define your needed rights within that template and save it. (Default path is windows\security\templates). The file will be saved as .inf.
2)
Now convert your .inf into a .sdb file.
Right click the 'security configuration an analyse' snap-in and choose 'open database'.
Define a name and click open.
Then choose the appropriate .inf file and important: activate that little 'clean up' check box.
Your .sdb file is being saved in Documents and Settings\username\My Documents\Security\Database
3)
If you like to test your .sdb file now, right click the 'security configuration and analyse' snap-in once again and choose 'configure now'.
4)
To apply this newly created .sdb file to different machines, include it within an MSI:
Create a Custom Action which does the following:
[SystemFolder]secedit /configure /db yourfile /quiet
Hope that helps
Good luck
Roland
Posted by:
fosteky
18 years ago
Secedit I'm not too certain on, but I really do not recommend using cacls or even xcacls - both are extremely poor at NTFS propagation to existing child objects. Over the last year I've migrated the data off of over 40 Novell servers over to Windows file servers and had to find ways to redo all the old Novell permissioning using NTFS, and this involved alot of batch files and VB scripting, and I used a free utility called FILEACL that does what cacls and xcacls were supposed to do. The guy who made it provides adequate yet brief documentation that should enable you to get anything done with it that you might attempt with cacls or xcacls.
http://www.gbordier.com/gbtools/fileacl29.htm
http://www.gbordier.com/gbtools/fileacl29.htm
Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.
so that the conversation will remain readable.